Ensure no policy uses wildcards (*) in the principal for an Amazon Simple Queue Service (SQS) queue

LOW

Description

A policy with a wildcard (*) in its principal was found on the queue. Using wildcards in a policy principal may lead to unauthorized access.

Remediation

In AWS Console -

  1. Sign in to the AWS console and go to the SQS console.
  2. In the list of Queues, select the Queue to edit.
  3. Select the Access policy tab.
  4. Select Edit and then edit the policy accordingly.
  5. Select Save.

In Terraform -

  1. Review the policy attached to the aws_sqs_queue resource and ensure necessary changes are made.
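The review step above can be scripted against the queue's access policy JSON before the change is saved or applied. This is an added example, not the rule's own implementation: the function names, the constructed sample policy (placeholder account ID and ARNs) and the choice to skip Deny statements are assumptions.

```python
import json

def wildcard_principals(principal):
    """Return the principal entries that contain '*'."""
    if isinstance(principal, str):                  # "Principal": "*"
        return [principal] if "*" in principal else []
    hits = []
    for kind, value in (principal or {}).items():   # {"AWS": ..., "Service": ...}
        values = [value] if isinstance(value, str) else list(value)
        hits += [f"{kind}:{p}" for p in values if "*" in p]
    return hits

def find_wildcard_statements(policy):
    """List Allow statements whose Principal contains a wildcard.

    Assumption: Deny statements are skipped, because a wildcard principal
    there restricts access instead of granting it.
    """
    doc = json.loads(policy) if isinstance(policy, str) else policy
    statements = doc.get("Statement", [])
    if isinstance(statements, dict):                # a lone statement may be a bare object
        statements = [statements]
    findings = []
    for i, st in enumerate(statements):
        if st.get("Effect") != "Allow":
            continue
        hits = wildcard_principals(st.get("Principal"))
        if hits:
            findings.append({"sid": st.get("Sid", f"#{i}"),
                             "principals": hits,
                             "has_condition": "Condition" in st})
    return findings

# Constructed sample policy; account ID and ARNs are placeholders.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "OpenSend", "Effect": "Allow", "Principal": "*",
     "Action": "sqs:SendMessage", "Resource": "arn:aws:sqs:us-east-1:111122223333:example"},
    {"Sid": "AnyAwsWithCondition", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": "sqs:SendMessage", "Resource": "arn:aws:sqs:us-east-1:111122223333:example",
     "Condition": {"ArnEquals": {"aws:SourceArn": "arn:aws:sns:us-east-1:111122223333:topic"}}},
    {"Sid": "NamedAccount", "Effect": "Allow",
     "Principal": {"AWS": ["arn:aws:iam::111122223333:root"]},
     "Action": "sqs:ReceiveMessage", "Resource": "arn:aws:sqs:us-east-1:111122223333:example"},
    {"Sid": "DenyInsecure", "Effect": "Deny", "Principal": "*", "Action": "sqs:*",
     "Resource": "*", "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
]})

if __name__ == "__main__":
    for finding in find_wildcard_statements(SAMPLE_POLICY):
        print(finding)
```

The `has_condition` field only reports that a Condition block exists, so a reviewer can decide whether it narrows the wildcard enough; the script does not evaluate the condition.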

References:
https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-add-permissions.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue

Policy Details

Rule Reference ID: AC_AWS_0551
CSP: AWS
Remediation Available: Yes
Resource: aws_sqs_queue
Resource Category: Messaging

Frameworks